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CLAIMS 



1. (currently amended) A method of distributing data to member devices of a multicast data 
group via managing virtual channels ifl-a multicast session, the method comprising: 

establishing a plurality of virtual channels for the multicast session, each v irtual ^anngl 
defined bv an amount of time remaining until expiration: 

receivin g, at a key distributor device, a request from a requestor device to join the 
multicast sessio n, the request indicating a requested amount of time of utilization of the multicast 
session fer a time period : 




selecting a virtual channel from a the p lurality of virtual channels for communications by 
the requestor by correlating the amount of time indicated bv the requestor with the amount of 
time remaining until expiration of the virtual channels in respons e to a desired j i mo period of 
communication by the requestor, e ach - virtual chann e l carrying - at - lca st H - Hi e str e am of data that is 
common to all virtual channels associat e d with the multica st- s es sion, but differing in membership ; 
forwarding a vi rtual channel new key for the selected virtual channel to the requestor, and 
forwarding the new v irtual channel key to all pre-existing m embers of the selected v irtual 
channeliand 

distributing the data to the members of the multicast group via each of the virtual 

channels. 

whereby the requestor joins the multicast data group without prompting re-keving of 

members associated with virtual channels other than the selected virtual channel . 

2. (previously presented) A method according to claim 1 7 wherein each virtual channel of the 
plurality of virtual channels is associated with a different time duration. 

3. (original) A method according to claim 1, wherein no member can be in more than one virtual 
channel. 

4. (original) A method according to claim 1, further comprising: 

distributing a data key to each multicast virtual channel. 
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5. (original) The method according to claim I, wherein all of the virtual channels reside within one 
domain. 

6. (original) The method according to claim 1, further comprising: 

rekeying the virtual channel key when membership of the virtual channel changes. 

7. (original) The method according to claim 6, wherein in the act of rekeying at least one member 
is present in the virtual channel after the membership changes. 

S. (original) The method according to claim 2, associating an unlimited time duration with a 
virtual channel creating a permanent virtual channel. 

9. (original) The method according to claim 2, wherein a member may join a virtual channel for 
less than the virtual channel's full time duration. 

10. (original) The method according to claim 2, further comprising: 

creating a lower and upper bounds for the virtual channel based on the time duration of 
the virtual channel, 

1 1. (original) A method according to claim 2, further comprising: 

reassigning time duration for a virtual channel if a virtual channel i$ freed. 

12. (original) A method according to claim 2, further comprising: 

reassigning time duration for all virtual channels if a virtual channel is freed. 

13. (original) The method according to claim 1 1, wherein a virtual channel is freed when an upper 
member expires. 

14. (original) The method according to claim 1 1 ? wherein a virtual channel is freed when all 
members expires. 
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15. (original) The method according to claim 12, wherein in the act of reassigning further 
comprises the step of reconfiguring the lower and upper bounds of all virtual channels. 

16. (original) The method according to claim 1 1, wherein only the freed virtual channel rekeys the 
virtual channel key to all members of the freed virtual channel. 

17. (currently amended) An apparatus for distributing data to member devices of a multicast data 
group via m anaging virtual channels in a multicast session, the apparatus comprising: 

control logic operable to establish a plurality of virtual channels for the multicast session, 
each virtual channel defined bv an amount of time remaining until expiration: 

a receiver for receiving a request from a requestor to join the multicast session for a time 
period, the request indicating a requested amount of time of u tilization nf the multicast session: 

an assignment module for selecting a virtual channel from a the plurality of virtual 
channels for communications by the requestor bv correlating the amount of time indicated with 
the amount of time remaining until expiration of the virtual channels in respond tn n ricrri r f i ri timn 
period of communication by th e requ e stor, each virtu a l - channel carrying at least one stream of 
data that is common to all virtual channels as so c i at e d with the multicasfrsc ss ion, but diff e ring in . 

ZIZwJJlX7Vl' a 3UlLJ } 

a requestor forwarding module for forwarding a new v irtual channel ke y for the selected 
virtual channel to the requestor, add 

a member forwarding module for forwarding the new virtual channel key to all pre- 
existing m embers of the selected v irtual channe liand 

a transmitter for distributing the data to the members of the multicast group via each of 

the virtual channels. 

whereby the apparatus enables the requestor to join the multicast data group without 

prompting re-k eying of members associated with v irtual chan nels other than the selected virtual 

channel 
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IS. (original) The apparatus according to claim 17, further comprising: 

a virtual channel module which creates each virtual channel based on a time duration. 

19. (original) The apparatus according to claim 17, wherein the assignment module prevents a 
member from being in more than one virtual channel. 

20. (original) The apparatus according to claim 17, further comprising: 

a data key distributor for distributing a data key to each multicast virtual channel. 

21. (original) The apparatus according to claim 17, wherein the apparatus controls the multicast 
virtual channels which reside within one domain. 

22. (original) The apparatus according to claim 17, further comprising: 

a rekeying module for rekeying a virtual channel when membership of the virtual channel 
changes. 

23. (original) The apparatus according to claim 18, wherein the virtual channel module creates a 
permanent virtual channel with an unlimited duration. 

24. (original) The apparatus according to claim 18, wherein the receiver may receive a request to 
join a virtual channel for less than the virtual charmers full time duration. 

25. (original) The apparatus according to claim 18, wherein the virtual channel module creates a 
lower and upper bounds for the virtual channel based on the time duration of the virtual channel. 

26. (original) The apparatus according to claim 1 8 S further comprising: 

a reassignment module for reassigning time duration for a virtual channel if the virtual 
channel is freed. 

27. (original) The apparatus according to claim 18, further comprising: 
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a reassignment module for reassigning time duration for all virtual channels if a virtual 
channel is freed. 

28. (original) The apparatus according to claim 27, wherein a virtual channel is freed when an 
upper member expires. 

29. (original) The apparatus according to claim 27, wherein a virtual channel is freed when all 
members expire. 

30. (original) The apparatus according to claim 27 7 wherein the reassignment module reconfigures 
the lower and upper bounds of all virtual channels. 

31. (original) The apparatus according to claim 22, wherein the rekeying module rekeys the 
virtual channel key to all members of a freed virtual channel. 

32. (currently amended) A computer program product for use on a computer system for 
facilitating dis t ribution of data to member devices of a multicast data group via a aanftgi ftg - virtual 
channels in a multicast session, the computer program product comprising a computer usable 
medium having computer readable program code thereon, the computer readable program code 
including: 

computer code operable to establish a plurality of virt ual channel s for the multicast 
session, each virtual channel defined by an amount of tim e remaini ng until expiration: 

receiving a request from a requestor to join the multicast session the request indicating a 
requested amount of time nf iitiliyati on of the multicast sessio n fer-anfeimn pnrinri; 

computer code for selecting a virtual channel from a the plurality of virtual channels for 
communications by the requestor bv correlating the amount of time indicated bv the requestor 
with the amount of time remaining unt il expiration of the virtu al channel* in rreprmc^r, n ^fn^ 
time period of communication by the requestor, cask virtual channel cgrrying-^4ea$t-one stream 
of data that is common to all - virtual chaimck -assoe iated with the multicast session, but differin g^ 
membership ; 
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computer code for forwarding the a new key for the s elected virtual channel key to the 
requestor, and 

computer code for forwarding the new v irtual channel key to all pre-existing m embers of 
the selected v irtual channe l; and 

computer code for distributing the data to the members of the multicast group via each of 

the virtual channels, 

whereby the requestor joins the multicast data g rou p without prompting re-keving of 

members associated with virtual channels other than the selected virtual channel. 

33. (original) A computer program product according to claim 32 s wherein each virtual channel is 
associated with a time duration, 

34. (original) A computer program according to claim 32 t wherein no member can be in more 
than one virtual channel. 

35. (original) A computer program product according to claim 32, further comprising: 

computer code for distributing a data key to each multicast virtual channel. 

36. (original) The computer program product according to claim 32, wherein all of the virtual 
channels reside within one domain. 

37. (original) The computer program product according to claim 32, further comprising: 

computer code for rekeying the virtual channel key when membership of the virtual 
channel changes. 

38. (original) The computer program product according to claim 33, further comprising: 

computer code for associating an unlimited duration with a virtual channel creating a 
permanent virtual channel. 
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39. (original) The computer program product according to claim 33, wherein a member may join 
a virtual channel for less than the virtual channel's full time duration- 

40. (original) The computer program product according to claim 33, further comprising: 

computer code for creating a lower and upper bounds for the virtual channel based on the 
time duration of the virtual channel. 

41. (original) The computer program product according to claim 33, further comprising: 

computer code for reassigning time duration for a virtual channel if a virtual channel is 

freed. 

42. (original) The computer program product according to claim 33, further comprising: 

computer code for reassigning time duration for all virtual channels if a virtual channel U 

freed, 

43. (original) The computer program product according to claim 41 7 wherein a virtual channel is 
freed when an upper member expires. 

44. (original) The computer program product according to claim 41, wherein a virtual channel is 
freed when all members expire. 

45. (original) The computer program product according to claim 42, wherein the computer code 
for reassigning, further comprises: 

computer code for reconfiguring the lower and upper bounds of all virtual channels. 

46. (original) The computer program product according to claim 37, further comprising computer 
code for rdceying a virtual channel key only to the members of a freed virtual channel. 
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47. (currently amended) A method of creating a secure multicast session for at least one member 
the multicast -se ssion having a plurality of virtual chann e l s- a y e ast one of th e virtual channels 
having a member, the method comprising: 

establishing, bv a network device, a plurality of virtual channels for t he multicast session, 
each virtual channel defined by an amount of time remaining until expiration: 

associating each member with one of the plurality of multicast virtual channels fex 
correlating an amount of time indicated bv the member with an amount of time remaining until 
expiration of the virtual channels ba s ed on a d e sir e d - c e a aatoni cation time of th e each m e mber ? 
each virtual ohonnol carrying at lea s t one stream of data that is common to all virtual channels 
as s ociated with the multicast s e ssion, bwt -d igbring in membership , 

distributing virtual channel keys to the members, each member receiving one virtual 
channel key based upon their associated virtual channel; and 

rekeytng the virtual channel key when membership of the virtual channel changes. 

48. (original) A method according to claim 47, wherein the virtual channel key is sent in a unicast 
session to each member. 

49. (original) A method according to claim 47, wherein each virtual channel is associated with a 
time duration. 

50. (original) A method according to claim 47, wherein no member can be in more than one 
virtual channel. 

51. (original) A method according to claim 47, further comprising: 

distributing a data key to each multicast virtual channel. 

52. (original) The method according to claim 47, wherein all of the virtual channels reside within 
one domain. 



PAGE 12/22 1 RCVD AT 9/15/2005 1:44:00 PIYI [Eastern Daylight fine] * SVR:USPTO-EFXRF-6/25 * DNIS:2738300 * CSID:9782649119 * DURATION (mm-ss):04-36 



05-Serp-15 11:48am From-Steubing.McGu i ness & Manaras LLP 978 264 9119 T-103 P. 013/022 F-423 

Serial No. 09/400,132 - 10 - Art Unit: 2135 

53. (original) The method according to claim 47, wherein in the act of rekeying at least one 
member is present in the virtual channel after the membership changes. 

54. (original) The method according to claim 48, associating an unlimited duration with a virtual 
channel creating a permanent virtual channel. 

55. (original) The method according to claim 48, wherein a member may join a virtual channel for 
less than the virtual channel's full time duration. 

56. (original) The method according to claim 48, further comprising 

creating a lower and upper bounds for the virtual channel based on the time duration of the virtual 
channel 

57. (original) A method according to claim 48, further comprising: 

reassigning time duration for a virtual channel if a virtual channel is freed. 

58. (original) A method according to claim 48, further comprising: 

reassigning time duration for all virtual channels if a virtual channel is freed. 

59. (original) The method according to claim 57, wherein a virtual channel is freed when an upper 
member expires. 

60. (original) The method according to claim 57, wherein a virtual channel is freed when all 
members expire. 

61. (original) The method according to claim 58, wherein in the act of reassigning further 
comprises the step of reconfiguring the lower and upper bounds of all virtual channels. 

62. (original) The method according to claim 58 7 wherein only the freed virtual channel rekeys the 
virtual channel key to all members of the freed virtual channel. 
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63. (currently amended) An apparatus for creating a secure multicast session for at least one 
membe r, tho multipart s es s ion having a plurality of virtual channels, at least- one virtual chann e l 
having a member, the method comprising: 

a control module for establishing a plurality of yirtuaLchamiels for the multicast session, 
each virtual channel defined by an amount of ti mr* remaining vmril expiration: 

an associator module for associating each member with one of the plurality of multicast 
virtual channels by correlating an amount of time indicated by the member with an amount of time 
remaining until eviration of the vir tual r.hamiek hfi/iod nn n d<yamd rnmmunication tim ft^perireUtf 
the each member, each virtual channel carrying at least one str e am of data that ia common to all 
virtual channels associated with the multicast session, but differing in membership ; 

a distribution module for distributing virtual channel keys to the members, each member 
receiving one virtual channel key based upon their associated virtual channel; and 

a rekeying module for rekeying the virtual channel key when membership of the virtual 
channel changes. 

64. (original) The apparatus according to claim 63, wherein in distribution module the virtual 
channel key is sent in a unicast session to each member. 

65. (original) The apparatus according to claim 63, further comprising; 

a virtual channel module which creates each virtual channel based on a time duration. 

66. (original) The apparatus according to claim 63, wherein the assignment module prevents a 
member from being in more than one virtual channel. 

67. (original) The apparatus according to claim 63, further comprising: 

a data key distributor for distributing a data key to each multicast virtual channel. 

68. (original) The apparatus according to claim 63, wherein the multicast virtual channels reside 
within one domain. 
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69. (original) The apparatus according to claim 65, wherein the virtual channel module creates a 
permanent virtual channel with an unlimited duration. 

70. (original) The apparatus according to claim 65, wherein the receiver may receive a request to 
join a virtual channel for less than the virtual channel's full time duration. 

71. (original) The apparatus according to claim 65, wherein the virtual channel module creates a 
lower and upper bounds for the virtual channel based on the time duration of the virtual channel. 

72. (original) The apparatus according to claim 65, further comprising: 

a reassignment module for reassigning time duration for a virtual channel if the virtual 
channel is freed. 

73. (original) The apparatus according to claim 65, further comprising; 

a reassignment module for reassigning time duration for all virtual channels if a virtual 
channel is freed. 

74. (original) The apparatus according to claim 72, wherein a virtual channel is freed when an 
upper member expires. 

75. (original) The apparatus according to claim 72, wherein a virtual channel is freed when all 
members expire. 

76. (original) The apparatus according to claim 73, wherein the reassignment module reconfigures 
the lower and upper bounds of all virtual channels. 

77. (original) The apparatus according to claim 63, wherein the rekeying module rekeys the 
virtual channel key to all members of a freed virtual channel. 
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78. (currently amended) A computer program product for use on a computer system for creating 
a secure multicast session having at least one membe r, the multicast - scg a ion having a plurality of 
virhinl ft hnnn d r ^ nt lnnst ftrtft virtual channel having a m e mb e r , the computer program product 
comprising a computer usable medium having computer readable program code thereon, the 
computer readable program code including: 

computer code for establishing a plurality of virtual ch annels for th e multicast session, 
each virtual channel defined by an amount of time remaining until expiration; 

computer code for associating each member, with one of the plurality of multicast virtual 
channels by correlatin g an ammmt of time indicated by the me mber with an amount of time 
rgmainin p until expiration of the virtual channels based on a desired communication tim e p e ri od 
for the oaoh member, each virtual chann e l - carrying at least on e stream of data that is common to 
all virtual channels associat e d - with th e multicast session, but differing in membership ; 

computer code for distributing virtual channel keys to the members, each member 
receiving one virtual channel key based upon their associated virtual channel; and 

computer code for rekeying the virtual channel key when membership of the virtual 
channel changes. 

79. (original) The apparatus according to claim 78, wherein in distribution module the virtual 
channel key is sent in a unicast session to each member. 

80. (original) A computer program product according to claim 78, wherein each virtual channel is 
associated with a time duratioa 

81. (original) A computer program product according to claim 78, wherein no member can be in 
more than one virtual channel. 

82. (original) A computer program product according to claim 78, further comprising: 

computer code for distributing a data key to each multicast virtual channel. 
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83 . (original) The computer program product according to claim 78, wherein all of the virtual 
channels reside within one domain. 

84. (original) The computer program product according to claim 80, further comprising; 

computer code for associating an unlimited duration with a virtual channel creating a 
permanent virtual channel. 

85. (original) The computer program product according to claim 80, wherein a member may join 
a virtual channel for less than the virtual channel's full time duration. 

86. (original) The computer program product according to claim 80, further comprising 

computer code for creating a lower and upper bounds for the virtual channel based on the 
time duration of the virtual channel. 

87. (original) The computer program product according to claim 80, further comprising: 

computer code for reassigning time duration for a virtual channel if a virtual channel is 

freed. 

88. (original) The computer program product according to claim 80, further comprising; 

computer code for reassigning time duration for all virtual channels if a virtual channel is 

freed. 

89. (original) The computer program product according to claim 81, wherein a virtual channel is 
freed when an upper member expires. 

90. (original) The computer program product according to claim 81, wherein a virtual channel is 
freed when all members expire. 
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91. (original) The computer program product according to claim 82 ? wherein the computer code 
for reassigning further comprises computer code for reconfiguring the lower and upper bounds of 
all virtual channels. 

92. (original) The computer program product according to claim 80, further comprising computer 
code for rekeying a virtual channel key only to the members of the freed virtual channel. 
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